# Contributor: tetsumaki <yd-alpine@tetsumaki.net>
# Contributor: Kevin Daudt <kdaudt@alpinelinux.org>
# Maintainer: Kevin Daudt <kdaudt@alpinelinux.org>
pkgname=cs-firewall-bouncer
pkgver=0.0.28
pkgrel=0
pkgdesc="Crowdsec bouncer for firewalls"
url="https://github.com/crowdsecurity/cs-firewall-bouncer"
arch="all"
license="MIT"
makedepends="go gettext"
subpackages="$pkgname-openrc $pkgname-awall::noarch"
options="!check" # no tests
source="$pkgname-$pkgver.tar.gz::https://github.com/crowdsecurity/cs-firewall-bouncer/archive/refs/tags/v$pkgver.tar.gz
	cs-firewall-bouncer.initd
	awall-policy.json
	"

export GOFLAGS="$GOFLAGS -modcacherw"
export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}"
export GOTMPDIR="${GOTMPDIR:-"$srcdir"}"
export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}"

build() {
	make \
		BUILD_VERSION=$pkgver \
		BUILD_TAG="aports"
}

package() {
	install -Dm0755 crowdsec-firewall-bouncer -t "$pkgdir"/usr/bin/
	mkdir -p "$pkgdir"/usr/sbin/
	ln -s "$pkgdir"/usr/bin/crowdsec-firewall-bouncer "$pkgdir"/usr/sbin/crowdsec-firewall-bouncer
	install -dm0755 "$pkgdir"/etc/crowdsec/bouncers
	(umask 077 && BACKEND=iptables API_KEY="" envsubst \
		<config/crowdsec-firewall-bouncer.yaml \
		>"$pkgdir"/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml)

	install -Dm0755 "$srcdir"/$pkgname.initd \
		"$pkgdir"/etc/init.d/cs-firewall-bouncer
}

awall() {
	pkgdesc="crowdsec bouncer awall policy"
	depends="$pkgname"
	install_if="awall $pkgname=$pkgver-r$pkgrel"

	install -Dm0644 "$srcdir"/awall-policy.json \
		"$subpkgdir"/etc/awall/optional/cs-firewall-bouncer.json
}

sha512sums="
99a333b894208338088c59c681396f7691ed96432f185ba74b0b72d826fca9bd4a96311fcd484e3ecf1b7fbb695e0274e35043083fb70f04f87b7749a3dc1eea  cs-firewall-bouncer-0.0.28.tar.gz
edaf9cd6af81586fa1b4469f623f5c284934accf3d3717a6d53a9fab964b906f046d45507609c792813bb10977be5fe3a01944d1ec85d7f99579218393eed06d  cs-firewall-bouncer.initd
1d1226e47a2950a2141303da9f5be57cfeee664de9b84cf91791d71034390e6e6a58f0b570939ad7576ccdf5cfe6b3c4f2069aaa98c6e98869d609d6b81f1552  awall-policy.json
"
